Splunk Enterprise Security

Differences between the Splunk Security courses?

thebaconking
Explorer

Could anyone give me a synopsis of the differences between the courses "Using Splunk Enterprise Security 5.2" and "Administering Splunk Enterprise Security 5.2"? I am trying to figure out which is the best/right course for me. I have looked over the course descriptions but I am still not sure. Thanks

0 Karma
1 Solution

richgalloway
SplunkTrust
SplunkTrust

The "Using" course is for SOC/NOC personnel who will be making use of Splunk's Enterprise Security app as part of their jobs. The "Administering" course is for Splunk admins who have Enterprise Security installed in their environment.

---
If this reply helps you, Karma would be appreciated.

View solution in original post

richgalloway
SplunkTrust
SplunkTrust

The "Using" course is for SOC/NOC personnel who will be making use of Splunk's Enterprise Security app as part of their jobs. The "Administering" course is for Splunk admins who have Enterprise Security installed in their environment.

---
If this reply helps you, Karma would be appreciated.

thebaconking
Explorer

Thank you very much for the clarification Rich! And I am very sorry for my tardy response!

0 Karma

smoir_splunk
Splunk Employee
Splunk Employee

What do you do? It's hard to tell which one would be better for you without understanding more about what you do in your day-to-day job and what you want to be doing with enterprise security

0 Karma

thebaconking
Explorer

I was thinking of taking a job at another company doing threat hunting/incident reviewing but they were offering training as well so I just wanted to make sure the correct course would be available in the "spin up" time frame they gave me. Sorry for the very late response!

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...